Verify Privilege Vault End User Guide
This guide is for regular, non-administrative, users of Verify Privilege Vault. It is mostly a set of links to a subset of the greater corpus of Verify Privilege Vault documentation. For Verify Privilege Vault Cloud, see the Verify Privilege Vault Cloud Quick Start.
What Is Verify Privilege Vault?
Verify Privilege Vault is a comprehensive Privileged Access Management (PAM) solution designed to protect, control, and manage privileged accounts and credentials within an organization. It offers a secure, centralized vault to store sensitive information, such as passwords, keys, and certificates, while ensuring that access to these critical assets is granted only to authorized personnel.
Equipped with advanced features like access control, auditing, and automated password rotation, Verify Privilege Vault enables organizations to maintain a strong security posture, reduce the risk of data breaches, and comply with regulatory requirements.
What Is the Purpose of the End User Guide?
Verify Privilege Vault is a powerful, advanced product with a wide range of capabilities. Even so, it is very easy to use for regular day-to-day operations for non-technical people. The key to this is knowing what to ignore and understanding the bits you do need to know. This guide is designed to help you do just that. It provides links to only what you need to know. You can add other topics later as needed.
Getting Help
-
Technical Support: Please contact your organization's help desk.
Important: When using this User Guide, it is easy to get lost in the ocean of Verify Privilege Vault documentation. To avoid that, we recommend using <Ctrl > + click to access the links here. That way, the page you are going to will open to a new browser tab, leaving this one as is, making it much easier to get back to. You can also simply use the browser back button to return, but that can get tiresome because many pages link to others.
Logging on Verify Privilege Vault
Depending on how your administrators configured Verify Privilege Vault, you can log on with either your Active Directory account or a local account.
-
In your browser, go to the URL for your organization's Verify Privilege Vault.
-
On the Pick Your Account popup, select your Active Directory account. The Enter Password popup appears. If you do not have an AD account, you may need to enter your local or domain information.
-
Click the Sign In button. If you have Duo two-factor authentication, this appears:
Your cell phone receives a notification you have to approve to access Verify Privilege Vault.
Verify Privilege Vault also supports other two-factor authentication methods (depending on what your organization configured), such as text or email codes that Verify Privilege Vault prompts you for.After you log on with your local account for the first time, you are immediately prompted to change your password . -
Click the Login button. The Verify Privilege Vault All Secrets page appears.
Secrets
Secrets are individually named packets of sensitive information, such as passwords. Secrets address a broad spectrum of secure data, each type represented and created by a secret template that defines the parameters of all secrets based on it. Secrets are very powerful and provide many ways of controlling and protecting their data, such as:
- Ensuring passwords are long, complex, and frequently changed.
- Relieving users of having to remember numerous complex passwords or when to change them. You only need to remember your password to access Verify Privilege Vault. All of your secret passwords are managed for you.
- Automatically changing passwords at set intervals with no user intervention.
- Defining who has access to the secret.
- Ensuring the person accessing Verify Privilege Vault or a secret is indeed you.
- Recording who actually accessed a secret.
All secret text-entry field information is securely encrypted before being stored in the database, including a detailed audit trail for access and history.
Some important basic information about secrets:
- Viewing Secrets (includes checking expiration and history)
- Creating Secrets
- Secret Configuration Options
- Editing Secrets (includes manually changing passwords, instead of waiting for expiration)
- Deactivating and Reactivating Secrets
Secret Folders
Secret folders allow you to create containers of secrets based on your needs. They help organize your customers, computers, regions, and branch offices, to name a few. Folders can be nested within other folders to create sub-categories for each set of classifications. Secrets can be assigned to these folders and sub-folders. Folders allow you to customize permissions at the folder level, and all secrets within can inherit the folder's permissions. Setting permissions at the folder level ensures future secrets placed in that folder have the same permissions, simplifying management across users and groups.
Using Secrets on Websites (Web Password Filler)
Please set up Web Password Filler (WPF) in the following order:
-
Ensure you can log in to Verify Privilege Vault the conventional way.
-
If necessary, create a folder in Verify Privilege Vault where the WPF secrets will reside.
-
Login to Verify Privilege Vault via WPF.
Checking out Secrets
The Verify Privilege Vaultcheck-out feature grants exclusive access to a single user. If a secret is configured for check out, a user can then access it. No other user can access a secret while it is checked out, except unlimited administrators. This guarantees that if the remote machine is accessed using the secret, the user who had it checked out was the only one with proper credentials at that time. See Checkout Overview for details.
Getting Notified of Secret Events
Verify Privilege Vault records specific events, including expired secrets, and optionally sends you alerts when they happen. See the Notification Inbox Overview and Creating Event Subscriptions for details.
Learning More About Verify Privilege Vault—the Getting Started Tutorial
We created a Getting Started Tutorial Overview for technical users. While it covers many things you do not need to know right now, you may later find it helpful if you want to get a deeper understanding of Verify Privilege Vault.